Identity Theft: It’s Big Business

(5/29/2013) Violent crime has given way to cybercrime. Identity theft has become the leading form of property crime surpassing traditional theft. Identity theft is described as the deliberant unauthorized use of someone’s credit card, bank account or any type of personal data for the purpose to defraud. There are multiple platforms identity thieves can tap into to ensnare their victims. Almost 9 million households reported last year that at least one family member had been involved in some form of identity theft. This comes with a direct financial loss of over $13 billion to the affected consumers however this figure does not include the cost to all Americans in the form of higher prices paid to offset these losses. Losses attributed to identity theft run throughout the financial system, to the consumer and to the taxpayer in both merchant and business losses. The most frustrating element of this crime is that it is difficult to investigate, prevent and control because of the lack of an evidence trail. The fraudsters typically use false information, fake addresses and phone numbers leaving behind a phony paper trail leading investigators nowhere.

Credit Cards:

Cybercriminals have discovered that hacking into business systems, which contain information on millions of consumers, is the most efficient method of credit card theft. Any business utilizing a computer is vulnerable to such an attack. Malware programs by the thousands have been developed by cybercriminals and have been deployed throughout the internet. The illegal acquisition of data through a basic point of sale system, the type used by most retailers, is also a vehicle which credit card thieves have been targeting in growing numbers.

Thieves are able to capture credit card numbers each time a purchase is made by an unsuspecting consumer and processed by an equally unsuspecting merchant. Merchants have been willing to clean up the mess from a cyber attack after the fact rather than investing in improved security to prevent one. The clean-up costs for such an attack can run up to $250 per stolen card number in addition to any notifications and legal settlements due to their victimized customers along with the added cost of removing any malware programs from their system.

Stolen Federal Tax Refunds:

Cybercriminals have also targeted the US Treasury by filing tax returns with stolen social security numbers along with associated birth dates of their victims. Almost a million false tax returns were filed in the tax year 2010, ripping off the U.S. taxpayers to the tune of 6.5 billion in illegitimate refunds. These stolen refunds are obtained when a cybercriminal files an electronic return with the IRS prior to the legitimate taxpayer having filed. The thief then typically obtains the refund by way of a difficult to trace debit card. These debit cards were initiated to aid those taxpayers who do not have a bank account. It can then take up to a year for the IRS to pay out the second claim to the legitimate tax payer whose identity was compromised and whose rightful refund was wrongfully diverted to the fraudster. Cybercriminals have even sunk to filing tax returns of the deceased and of those in prison. Apparently no one is safe from this type of attack.

Employment-Related Fraud:

False identities are sold to those who want to obtain employment in the US. This is not an uncommon practice of those who are in the country illegally; the author of this article was a victim of this type of identity theft. Combating this type of fraud has been easier since the adoption of the federal E-Verify system which is a web based free program used to compare the information on a job applicant’s I-9 form (Employer Eligibility Verification Form) to that of data from US government records.

Medical Fraud:

A thief may use your name and health insurance ID number to file a fraudulent insurance claim with your insurer, to see a doctor or to obtain prescription drug coverage. Protect your medical identity by checking your medical records for false information. Never share your medical insurance information with anyone (particularly by phone or email) and destroy all related documents with sensitive information on it, even pharmacy prescription disclosures and labels. Watch for unexpected changes in your health insurance benefit limit for signs of trouble. Request what’s referred to as an accounting of disclosures from your medical provider to see who has requested your medical records and where they have been sent. Ask your health insurance company for a record of benefits paid out in your name on a regular basis.

Who’s Most at Risk for Identity Theft?

Those Age 50+ - this age group accounts for over 35% of all identity theft. Those states inhabiting many retirees such as Florida, Arizona, Nevada, Texas and California have the highest occurrence of identity theft.

Students — those with a limited credit history are also at a high risk of being targeted by identity thieves and account for over 20% of all such thefts.

Children — who has more spotless credit than a child with absolutely no credit history? Often it is a direct relative of the child who uses the child’s identity to open credit cards and take out other secured and un-secured loans. This type of fraud has been given the nickname “friendly fraud” because of the close connection of the fraudster to the young victim.

How you can Protect yourself:

Shred, Shred & Shred….

The first line of defense is to shred all documents that contain sensitive personal information. This includes but is not limited to: social security, bank account, credit card and insurance information. Keep all personal and confidential documentation in your home or office in file cabinets, preferably locked up.

Initial Fraud Alerts

If you have experienced a breach in the security of your identity, report the incident to one of the three major credit reporting companies by way of filing an Identity Theft Report. Consumers are permitted to order a free credit report from each of three credit reporting companies so it can be determined if false information exists anywhere on their report. Next, request an initial fraud alert. When a consumer requests that one of the three major credit reporting companies places a fraud alert on their credit report, the selected company must then in turn report it to the other two. The alert is free and lasts for a period of 90 days. This initial alert will make it more difficult for an identity thief to open accounts using stolen information. With the alert in place, a business should verify the identity of the credit applicant before issuing credit. It is recommended that a consumer ensure that all three credit reporting companies have their correct contact information on file.

Extended Fraud Alerts

A fraud alert lasting up to seven years may be obtained if a consumer directly contacts all three credit reporting companies. Placing an extended fraud alert is also free. The consumer must include a copy of their Identity Theft Report when the extended fraud alert is requested. Each of the three credit reporting companies may have a form that must be completed. When an extended fraud alert is requested, the consumer is then entitled to up to two free credit reports from each of the three credit reporting companies within a year. The credit reporting companies are also required to remove the consumer’s name from paid marketing lists for five years.

The Credit Freeze: A Gold Standard of Protection

A credit freeze will halt all access to a consumer’s credit report unless unlocked or unfrozen personally by the consumer through the use of a unique PIN number. Placing and removing a credit freeze will require a fee, depending upon each state’s laws, but it may be free for victims of identity theft in your state. You must comply with the rules of each of the three credit reporting companies as well as the particular policy of the state involved. Consumers can remove a freeze for a specific period of time, typically up to a year, if they intend to apply for a lot of credit and want to avoid the hassle and fees involved in successively unfreezing and re-freezing their credit. For example this may make sense for those looking to purchase a home and plan to submit several mortgage loan applications in the process. However for those who are not anticipating needing access to their credit, this is a gold standard for protection and it is less costly than paying a monthly or annual fee to an outside service for the protection. It has been reported that those companies a consumer has already established an authorized relationship with will have access to a consumer’s credit even after it is frozen, however it has been reported that this may not always be the case.

For more detailed information or to check your credit, file a dispute, request a fraud alert or credit freeze, contact the three major credit reporting companies below:

The information contained on this website is provided as a supplemental educational resource. Readers having legal or tax questions are urged to obtain advice from their professional legal or tax advisors. While the aforementioned information has been collected from a variety of sources deemed reliable, it is not guaranteed and should be independently verified. ERATE does not endorse any of the lenders on our website.